docs/vault-helm: updates for v0.28.0 release (#26282)

2025-11-01 19:17:58 +00:00 · 2024-04-12 13:37:56 -07:00
parent 8605230df7
commit e4f9d024c8
10 changed files with 24 additions and 22 deletions
--- a/website/content/docs/configuration/service-registration/kubernetes.mdx
+++ b/website/content/docs/configuration/service-registration/kubernetes.mdx
@@ -71,7 +71,7 @@ metadata:
    vault-initialized: "true"
    vault-perf-standby: "false"
    vault-sealed: "false"
-    vault-version: 1.15.2
+    vault-version: 1.16.1
 ```
 After shutdowns, Vault pods will bear the following labels:
@@ -86,7 +86,7 @@ metadata:
    vault-initialized: "false"
    vault-perf-standby: "false"
    vault-sealed: "true"
-    vault-version: 1.15.2
+    vault-version: 1.16.1
 ```
 ## Label definitions
@@ -102,7 +102,7 @@ metadata:
 - `vault-sealed` `(string: "true"/"false")` – Vault sealed is updated dynamically each
  time Vault's sealed/unsealed status changes. True indicates that Vault is currently sealed. False indicates that Vault
  is currently unsealed.
- `vault-version` `(string: "1.15.2")` – Vault version is a string that will not change during a pod's lifecycle.
+- `vault-version` `(string: "1.16.1")` – Vault version is a string that will not change during a pod's lifecycle.
 ## Working with vault's service discovery labels
@@ -156,7 +156,7 @@ $ vault write -f sys/replication/performance/primary/enable \
 In conjunction with the pod labels and the `OnDelete` upgrade strategy, upgrades are much easier to orchestrate:
 ```shell-session
-$ helm upgrade vault --set='server.image.tag=1.15.2'
+$ helm upgrade vault --set='server.image.tag=1.16.1'
 $ kubectl delete pod --selector=vault-active=false \
    --selector=vault-version=1.2.3
--- a/website/content/docs/platform/k8s/helm/configuration.mdx
+++ b/website/content/docs/platform/k8s/helm/configuration.mdx
@@ -79,7 +79,7 @@ and consider if they're appropriate for your deployment.
    - `repository` (`string: "hashicorp/vault-k8s"`) - The name of the Docker image for Vault Agent Injector.
-    - `tag` (`string: "1.3.1"`) - The tag of the Docker image for the Vault Agent Injector. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your admission controller.
+    - `tag` (`string: "1.4.1"`) - The tag of the Docker image for the Vault Agent Injector. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your admission controller.
    - `pullPolicy` (`string: "IfNotPresent"`) - The pull policy for container images. The default pull policy is `IfNotPresent` which causes the Kubelet to skip pulling an image if it already exists.
@@ -87,7 +87,7 @@ and consider if they're appropriate for your deployment.
    - `repository` (`string: "hashicorp/vault"`) - The name of the Docker image for the Vault Agent sidecar. This should be set to the official Vault Docker image.
-    - `tag` (`string: "1.15.2"`) - The tag of the Vault Docker image to use for the Vault Agent Sidecar. **Vault 1.3.1+ is required by the admission controller**.
+    - `tag` (`string: "1.16.1"`) - The tag of the Vault Docker image to use for the Vault Agent Sidecar. **Vault 1.3.1+ is required by the admission controller**.
  - `agentDefaults` - Values that configure the injected Vault Agent containers default values.
@@ -351,7 +351,7 @@ and consider if they're appropriate for your deployment.
    - `repository` (`string: "hashicorp/vault"`) - The name of the Docker image for the containers running Vault.
-    - `tag` (`string: "1.15.2"`) - The tag of the Docker image for the containers running Vault. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your admission controller.
+    - `tag` (`string: "1.16.1"`) - The tag of the Docker image for the containers running Vault. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your admission controller.
    - `pullPolicy` (`string: "IfNotPresent"`) - The pull policy for container images. The default pull policy is `IfNotPresent` which causes the Kubelet to skip pulling an image if it already exists.
@@ -724,6 +724,8 @@ and consider if they're appropriate for your deployment.
    "sample/annotation2": "bar"
  ```
  - `configAnnotation` (`boolean: false`) - Add an annotation to the server configmap and the statefulset pods, `vaultproject.io/config-checksum`, that is a hash of the Vault configuration. This can be used together with an OnDelete deployment strategy to help identify which pods still need to be deleted during a deployment to pick up any configuration changes.
  - `service` - Values that configure the Kubernetes service created for Vault. These options are also used for the `active` and `standby` services when [`ha`](#ha) is enabled.
    - `enabled` (`boolean: true`) - When set to `true`, a Kubernetes service will be created for Vault.
@@ -1088,7 +1090,7 @@ and consider if they're appropriate for your deployment.
    - `repository` (`string: "hashicorp/vault-csi-provider"`) - The name of the Docker image for the Vault CSI Provider.
-    - `tag` (`string: "1.4.1"`) - The tag of the Docker image for the Vault CSI Provider.. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your CSI provider.
+    - `tag` (`string: "1.4.2"`) - The tag of the Docker image for the Vault CSI Provider.. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your CSI provider.
    - `pullPolicy` (`string: "IfNotPresent"`) - The pull policy for container images. The default pull policy is `IfNotPresent` which causes the Kubelet to skip pulling an image if it already exists locally.
@@ -1237,7 +1239,7 @@ and consider if they're appropriate for your deployment.
      - `repository` (`string: "hashicorp/vault"`) - The name of the Docker image for the Vault Agent sidecar. This should be set to the official Vault Docker image.
-      - `tag` (`string: "1.15.2"`) - The tag of the Vault Docker image to use for the Vault Agent Sidecar.
+      - `tag` (`string: "1.16.1"`) - The tag of the Vault Docker image to use for the Vault Agent Sidecar.
    - `logFormat` (`string: "standard"`) -
    - `logLevel` (`string: "info"`) -
--- a/website/content/docs/platform/k8s/helm/enterprise.mdx
+++ b/website/content/docs/platform/k8s/helm/enterprise.mdx
@@ -33,7 +33,7 @@ In your chart overrides, set the values of [`server.image`](/vault/docs/platform
 server:
  image:
    repository: hashicorp/vault-enterprise
-    tag: 1.15.2-ent
+    tag: 1.16.1-ent
  enterpriseLicense:
    secretName: vault-ent-license
 ```
--- a/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx
+++ b/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx
@@ -23,7 +23,7 @@ First, create the primary cluster:
 ```shell
 helm install vault-primary hashicorp/vault \
  --set='server.image.repository=hashicorp/vault-enterprise' \
-  --set='server.image.tag=1.15.2-ent' \
+  --set='server.image.tag=1.16.1-ent' \
  --set='server.ha.enabled=true' \
  --set='server.ha.raft.enabled=true'
 ```
@@ -75,7 +75,7 @@ disaster recovery replication.
 ```shell
 helm install vault-secondary hashicorp/vault \
  --set='server.image.repository=hashicorp/vault-enterprise' \
-  --set='server.image.tag=1.15.2-ent' \
+  --set='server.image.tag=1.16.1-ent' \
  --set='server.ha.enabled=true' \
  --set='server.ha.raft.enabled=true'
 ```
--- a/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx
+++ b/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx
@@ -23,7 +23,7 @@ First, create the primary cluster:
 ```shell
 helm install vault-primary hashicorp/vault \
  --set='server.image.repository=hashicorp/vault-enterprise' \
-  --set='server.image.tag=1.15.2-ent' \
+  --set='server.image.tag=1.16.1-ent' \
  --set='server.ha.enabled=true' \
  --set='server.ha.raft.enabled=true'
 ```
@@ -74,7 +74,7 @@ With the primary cluster created, next create a secondary cluster.
 ```shell
 helm install vault-secondary hashicorp/vault \
  --set='server.image.repository=hashicorp/vault-enterprise' \
-  --set='server.image.tag=1.15.2-ent' \
+  --set='server.image.tag=1.16.1-ent' \
  --set='server.ha.enabled=true' \
  --set='server.ha.raft.enabled=true'
 ```
--- a/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx
+++ b/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx
@@ -15,7 +15,7 @@ Integrated Storage (raft) can be enabled using the `server.ha.raft.enabled` valu
 ```shell
 helm install vault hashicorp/vault \
  --set='server.image.repository=hashicorp/vault-enterprise' \
-  --set='server.image.tag=1.15.2-ent' \
+  --set='server.image.tag=1.16.1-ent' \
  --set='server.ha.enabled=true' \
  --set='server.ha.raft.enabled=true'
 ```
--- a/website/content/docs/platform/k8s/helm/run.mdx
+++ b/website/content/docs/platform/k8s/helm/run.mdx
@@ -409,14 +409,14 @@ Next, list the Helm versions and choose the desired version to install.
 ```bash
 $ helm search repo hashicorp/vault
 NAME           	CHART VERSION	APP VERSION	DESCRIPTION
-hashicorp/vault	0.27.0       	1.15.2     	Official HashiCorp Vault Chart
+hashicorp/vault	0.28.0       	1.16.1     	Official HashiCorp Vault Chart
 ```
 Next, test the upgrade with `--dry-run` first to verify the changes sent to the
 Kubernetes cluster.
 ```shell-session
-$ helm upgrade vault hashicorp/vault --version=0.27.0 \
+$ helm upgrade vault hashicorp/vault --version=0.28.0 \
    --set='server.image.repository=vault' \
    --set='server.image.tag=123.456' \
    --dry-run
--- a/website/content/docs/platform/k8s/injector/annotations.mdx
+++ b/website/content/docs/platform/k8s/injector/annotations.mdx
@@ -28,7 +28,7 @@ them, optional commands to run, etc.
 - `vault.hashicorp.com/agent-image` - name of the Vault docker image to use. This
  value overrides the default image configured in the injector and is usually
-  not needed. Defaults to `hashicorp/vault:1.15.6`.
+  not needed. Defaults to `hashicorp/vault:1.16.1`.
 - `vault.hashicorp.com/agent-init-first` - configures the pod to run the Vault Agent
  init container first if `true` (last if `false`). This is useful when other init
--- a/website/content/partials/helm/install.mdx
+++ b/website/content/partials/helm/install.mdx
@@ -2,6 +2,7 @@
 # List the available releases
 $ helm search repo hashicorp/vault -l
 NAME           	CHART VERSION	APP VERSION	DESCRIPTION
 hashicorp/vault	0.28.0       	1.16.1     	Official HashiCorp Vault Chart
 hashicorp/vault	0.27.0       	1.15.2     	Official HashiCorp Vault Chart
 hashicorp/vault	0.26.1       	1.15.1     	Official HashiCorp Vault Chart
 hashicorp/vault	0.26.0       	1.15.1     	Official HashiCorp Vault Chart
@@ -9,9 +10,8 @@ hashicorp/vault	0.25.0       	1.14.0     	Official HashiCorp Vault Chart
 hashicorp/vault	0.24.0       	1.13.1     	Official HashiCorp Vault Chart
 hashicorp/vault	0.23.0       	1.12.1     	Official HashiCorp Vault Chart
 hashicorp/vault	0.22.1       	1.12.0     	Official HashiCorp Vault Chart
 hashicorp/vault	0.22.0       	1.11.3     	Official HashiCorp Vault Chart
 ...
-# Install version 0.27.0
+# Install version 0.28.0
-$ helm install vault hashicorp/vault --version 0.27.0
+$ helm install vault hashicorp/vault --version 0.28.0
 ```
--- a/website/content/partials/helm/repo.mdx
+++ b/website/content/partials/helm/repo.mdx
@@ -4,5 +4,5 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com
 $ helm search repo hashicorp/vault
 NAME           	CHART VERSION	APP VERSION	DESCRIPTION
-hashicorp/vault	0.27.0       	1.15.2     	Official HashiCorp Vault Chart
+hashicorp/vault	0.28.0       	1.16.1     	Official HashiCorp Vault Chart
 ```